Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, the SpiderLabs Blog is the security community’s go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

During Thanksgiving week, we noticed this quite unusual XML-format MS Office Document file. [Figure 1: Email Sample] Saving a Word document file as XML is a legitimate option but criminals had taken advantage of this file format to circumvent malware...

The Australian Securities and Investment Commission (ASIC) is an independent government agency that is Australia's corporate, market and financial services regulator. ASIC provides several services including registration services for Australian companies. Opportunist scammers taking advantage of the new year, leveraged...

Malware authors often distribute malware through code macros in Microsoft Office documents such as Word, Excel, or PowerPoint. Regardless of the particular Office version, macros can be executed whenever the user opens the file. By default users get warnings from...

Like good old Microsoft Office Macros, Compiled HTML (CHM) Help files have been utilized by malware authors for more than a decade to sneak malicious downloader code into files making them harder to detect. CHMs are a Microsoft proprietary online...

If you thought using BAT files was old hat, think again. While monitoring our Secure Email Gateway Cloud service, we came across several suspect spam emails targeting Brazilian users. The figure below shows email details to trick and entice users...

Albert Einstein once said, "Out of Complexity, Find Simplicity" but it also seems that simplicity is always related to a puzzle of complexity. This statement also applies to Microsoft's Dynamic Data Exchange (DDE) protocol vulnerability exploit which was recently...

Authors: Dr. Fahim Abbasi, Nicholas Ramos, Rodel Mendrez and Gerald Carsula. In our previous blog we highlighted how a group of scammers were targeting financial software customers by spamming out Microsoft Sharepoint URLs that lead the target to fake invoices...

It's that time of year where the seasons are changing. The Northern Hemisphere moves into Autumn, and the Southern Hemisphere moves to Spring. So it is with Locky. As we discussed in our last post, spam campaigns were downloading Locky...

Back in August 2017, Trustwave SpiderLabs reported a spam campaign that distributed a new Locky variant called "diablo." As predicted, that incident was just a primer for a much bigger campaign and indeed just a few weeks later a new...

Authors: Dr. Fahim Abbasi and Rodel Mendrez. We witnessed a sophisticated phishing campaign on 16th August 2017, targeting victims by sending spoofed phishing email messages appearing to come from Xero. Xero is a New Zealand-based software company that develops cloud-based...

Over two days in early August (the 8th and 9th), amid the active distribution of Trickbot malware, a new Locky ransomware variant called "diablo" has emerged from hell. The Trustwave SpiderLabs Spam Research Database has picked up a large...

A couple of weeks ago, we observed the Necurs botnet distributing a new malware spam campaign with a payload combo that includes Trickbot and Nitol. Trickbot is a banking trojan that first appeared late last year targeting banks in Europe,...

Contributed by: Gerald Carsula, Rodel Mendrez and Nicholas Ramos. Last June, we reported that Kovter was being spammed together with Cerber ransomware that used a fake email delivery notification. For the last few weeks another set of fake UPS delivery...

We previously outlined a spam campaign that delivered FAKEGLOBE and CERBER ransomwares. This week the spam party did not just include CERBER, but also decided to invite an old friend – the KOVTER family. In 2015, KOVTER, a click-fraud malware,...

Recently, we observed a constant influx of spam that distributes two ransomware families, perhaps trying to sneak in while everyone is focused on the recent WannaCry malware. Based on data from our Spam Research Database, an email campaign distributing FakeGlobe...

The Necurs botnet, which was responsible for millions of malicious spam messages last year, has recently been extremely active again. For the past three weeks it has spammed emails with a malicious PDF attachment that drops a Word document with...

The infamous data-stealing URSNIF malware has done it again and it's here to collect more keystrokes, login credentials, browsing activities, and other user activities. It continues to undress and dress itself differently, time and time again. Earlier this year, we...
